Safari on Mac OS X 10.7 Lion to include do-not-track tool

Apple has added a do-not-track privacy tool to the Safari web browser in Mac OS X 10.7 Lion that would prevent websites from monitoring users' activity, according to a new report.

Apple has joined the makers of other major browsers, with the exception of Google, in supporting a do-not-track feature, The Wall Street Journal reports. Developers have discovered the tool in the latest build of Mac OS X 10.7 Lion, Developer Preview 2, which was issued two weeks ago.

According to the report, the do-not-track feature, which sends messages to websites and advertising networks requesting that the user not be tracked, requires cooperation from marketers and website owners to function properly. Major online-advertising networks have yet to agree on how to handle the system.

The Mozilla-backed do-not-track standard has reportedly not yet been included as a preference option in the Mac OS X Lion prerelease version of Safari, though it can be activated from the Develop contextual menu.

Privacy matters

Online privacy has been a hot topic as of late, as politicians, security researchers and lawyers have pressed Apple and its partners for information on how both Mac OS X and iOS handle user data.

Last week, a federal grand jury served subpoenas to several prominent mobile developers for Apple's iOS and Google's Android as part of an investigation into the sharing of user data with ad networks.

Apple CEO Steve Jobs admitted last summer that the company had been "naive" about how some companies were using the data they collected. Developers had violated Apple's privacy policy by forwarding device and location data to a third party network. The practice drew Jobs' ire last year when Flurry Analytics published the data as evidence of the then-unannounced iPad.

"It's violating every rule in our privacy policy," said Jobs. "We went through the roof about this. So we said: No, we're not going to allow this. It's violating our privacy policies and its pissing us off that they're publishing data about our new products."

Last June, two U.S. Congressmen requested information from Apple regarding its privacy policy after an erroneous report suggested that Apple had begun tracking users' locations.

In February, security experts revealed that Apple had invited them to examine a prerelease version of Mac OS X Lion as part of a renewed commitment to security.

Researchers disclosed last month a vulnerability in Safari after security analyst Charlie Miller demonstrated a hack at the "Pwn2Own" hacking contest. At the competition, analysts also succeeded in hacking the iPhone, Internet Explorer and Firefox.

Apple CEO Steve Jobs admitted last summer that the company had been "naive" about how some companies were using the data they collected. Developers had violated Apple's privacy policy by forwarding device and location data to a third party network. The practice drew Jobs' ire last year when Flurry Analytics published the data as evidence of the then-unannounced iPad.

"It's violating every rule in our privacy policy," said Jobs. "We went through the roof about this. So we said: No, we're not going to allow this. It's violating our privacy policies and its pissing us off that they're publishing data about our new products.

Is there still no word on GPU acceleration in Safari? I know it has some rudimentary support, but its nowhere near as robust as the new browsers engines. Safari 5.1 on Lion doesn't seem to have it either. Any word on Safari 6?

Too bad it has to be one of those cooperative protocols - I can see where it would take some major revisions to how most protocols work (if not all of them). Will be a nice feature - maybe there will be a companion API that will allow querying the host for privacy status. Still having a hard time imagining how you can avoid having something piggyback if it really wants to.

Looks to me like Apple is leading the way, again. Good for them. This will put some pressure on other companies to do the same.

I think the pressure is on Apple and Google to support the feature. If you read the article carefully, Google has not implemented the do-not-track feature, and Apple will release it with Safari on Liion. Firefox 4 and Internet Explorer 9, both, already have the feature implemented.

Firefox 4 = implemented & released for public
Internet Explorer 9 = implemented & released for public
Safari for Lion = implemented (still in development)
Chrome = unknown, not yet

T;FTFY. It's like a stop sign; just because it's there doesn't mean everyone will follow the rules.

Except that a cop won't pull you over and give you a ticket for not following this. Also it is in your best interest to stop if you value your car and your life. It is not in advertisers best interest to follow these rules.

I think the pressure is on Apple and Google to support the feature. If you read the article carefully, Google has not implemented the do-not-track feature, and Apple will release it with Safari on Liion. Firefox 4 and Internet Explorer 9, both, already have the feature implemented.

Firefox 4 = implemented & released for public
Internet Explorer 9 = implemented & released for public
Safari for Lion = implemented (still in development)
Chrome = unknown, not yet

Yep, you're right. By "other companies" I meant those companies trying to collect and use private information.

In other words, it will become more and more frowned upon to collect private information. Perhaps wishful thinking on my part, but I personally, am more inclined to do business with companies that respect my privacy where their 'default' position is not to exploit my privacy.

Have you tried 'Reset Safari' under the Safari menu? Carefully review the options, and click on '?' in the lower left corner of the floating window before doing the reset.

You may also have a plug-in or extension that is causing problems, or insufficient memory.

You could try creating a temporary new account, and see how Safari does 'plain vanilla'. If it runs well at that point, then check out your modifications one by one.

thanks for the help, I am going to take your advice and try the last route. I have not reset safari, as I don't feel I should lose historical data to fix this, I have of course cleared some caches. As for plug ins, I do have my eyes on something that might be causing delays (cosmopod) but console doesn't really output any error other than loading it on safari startup.

Having said all that, I do believe safari is a dog compared to chrome at this moment (and I hate to say this, because chrome was the last thing (or anything google for that matter) I would like installed). Almost everything is slower in load times, and extensions work much better in chrome. Seems like google has tons of people working on it and apple is slightly lagging with their relatively small safari team...

Neat, but won't use it until they merge the URL + Search bars like Chrome.

Man I HATE that feature. I used it on IE9 and it sucks balls. I prefer the two because you know what you're doing. You know that when you type in the Search field it will perform a search and when you type in the URL field it will enter an address. It gets too confusing the other way.

Too bad it has to be one of those cooperative protocols - I can see where it would take some major revisions to how most protocols work (if not all of them). Will be a nice feature - maybe there will be a companion API that will allow querying the host for privacy status. Still having a hard time imagining how you can avoid having something piggyback if it really wants to.

I think it's just an extra HTTP header isn't it? Extra headers are allowed for in the original spec, I don't think it will be a major technical job to obey it, just a matter of will.

It is no coincidence that Chrome is now the last major browser to get on board. A cynical person might think this is the other companies trying to weaken Google, knowing how much they depend on advertising revenue.

Man I HATE that feature. I used it on IE9 and it sucks balls. I prefer the two because you know what you're doing. You know that when you type in the Search field it will perform a search and when you type in the URL field it will enter an address. It gets too confusing the other way.

there's a clear downside to it, but the ease of opening a tab and being right there in adress bar to be able to do a search is a plus. At least as an option I d like it, a lot.

IE9 also supports a second protection feature called "tracking protection", which is essentially just client-side domain blocking based on various lists updated by privacy organisations.

I think this is what is necessary for the feature to actually work. The impression that I get is that "do not track" is simply asking nicely for organizations to not do what's in their best interests as a favor to you. Their best interests is to hoard every scrap of data they can on you for later data mining, so what is the incentive to not record it? Especially when it's hard or impossible to verify the organization actually complies with your request? You need something better than an empty privacy theater, you need to avoid giving them any more data than you have to.

Here is what I do to keep google from tracking, it not 100% but it is better than nothing.

One do not use a @gmail.com account they read your emails so they know what things you are doing and are interested in.

Next, I never click on in web page ads from google. If I am interest in the ad I open a new window and type in the link so they do know if i was directed there from a google ad or another website.

I also use Little snitch and have it block the web browsers from contacting the google analytic ip addresses.

Lastly, if I go to google website and search for something I will connect through a proxy server first so they do not know what part of the world I am in. This has interesting effects since google places local content base on your IP up first, so if your IP says your in China then you get all kinds of china stuff.

Thanks solipsism. Doesn't Private Browsing prevent cookies too? If so, do you think having "Do Not Track" enabled will cause some web sites to not "work", similar to how some sites give you the message "You must have cookies enabled to....." do whatever you're trying to do on their site?

Its good Apple is adding this to Safari - but its a small modification - not something needing to be tied to an OS release, unless...a couple of questions come to mind since this was mentioned with regards to Lion.

Once Lion rolls out updates to Leopard will probably stop (if Apple follows historical practices of supporting the most recent 2 releases), this means the end of PPC updates and the end of Mac 32-bit Safari updates (presumably) since Snow Leopard and Lion use 64-bit Safari.

If Apple stops 32-bit Safari updates with Lion rollout (and the end of Leopard support) will Apple continue updating the 32-bit Windows version of Safari? It always seemed odd to me that they even offered it on Windows, but this would be the prime opportunity for Apple to toss it over the side. It'll be interesting to see what happens.